webcit/groupdav_main.c

   1 /*
   2  * $Id$
   3  *
   4  * Entry point for GroupDAV functions
   5  *
   6  */
   7
   8 #include <ctype.h>
   9 #include <stdlib.h>
  10 #include <unistd.h>
  11 #include <stdio.h>
  12 #include <fcntl.h>
  13 #include <signal.h>
  14 #include <sys/types.h>
  15 #include <sys/wait.h>
  16 #include <sys/socket.h>
  17 #include <limits.h>
  18 #include <string.h>
  19 #include <pwd.h>
  20 #include <errno.h>
  21 #include <stdarg.h>
  22 #include <time.h>
  23 #include <pthread.h>
  24 #include "webcit.h"
  25 #include "webserver.h"
  26 #include "groupdav.h"
  27
  28
  29 /*
  30  * Output HTTP headers which are common to all requests.
  31  */
  32 void groupdav_common_headers(void) {
  33         wprintf(
  34                 "Server: %s / %s\r\n"
  35                 "Connection: close\r\n",
  36                 SERVER, serv_info.serv_software
  37         );
  38 }
  39
  40
  41
  42 /*
  43  * string conversion function
  44  */
  45 void euid_escapize(char *target, char *source) {
  46         int i;
  47         int target_length = 0;
  48
  49         strcpy(target, "");
  50         for (i=0; i<strlen(source); ++i) {
  51                 if (isalnum(source[i])) {
  52                         target[target_length] = source[i];
  53                         target[++target_length] = 0;
  54                 }
  55                 else if (source[i] == ' ') {
  56                         target[target_length] = '_';
  57                         target[++target_length] = 0;
  58                 }
  59                 else if (source[i] == '-') {
  60                         target[target_length] = '-';
  61                         target[++target_length] = 0;
  62                 }
  63                 else {
  64                         sprintf(&target[target_length], "$%02X", source[i]);
  65                         target_length += 3;
  66                 }
  67         }
  68 }
  69
  70 /*
  71  * string conversion function
  72  */
  73 void euid_unescapize(char *target, char *source) {
  74         int a, b;
  75         char hex[3];
  76         int target_length = 0;
  77
  78         strcpy(target, "");
  79
  80         for (a = 0; a < strlen(source); ++a) {
  81                 if (source[a] == '$') {
  82                         hex[0] = source[a + 1];
  83                         hex[1] = source[a + 2];
  84                         hex[2] = 0;
  85                         b = 0;
  86                         sscanf(hex, "%02x", &b);
  87                         target[target_length] = b;
  88                         target[++target_length] = 0;
  89                         a += 2;
  90                 }
  91                 else if (source[a] == '_') {
  92                         target[target_length] = ' ';
  93                         target[++target_length] = 0;
  94                 }
  95                 else if (source[a] == '-') {
  96                         target[target_length] = '-';
  97                         target[++target_length] = 0;
  98                 }
  99                 else {
 100                         target[target_length] = source[a];
 101                         target[++target_length] = 0;
 102                 }
 103         }
 104 }
 105
 106
 107
 108
 109 /*
 110  * Main entry point for GroupDAV requests
 111  */
 112 void groupdav_main(struct httprequest *req,
 113                         char *dav_content_type,
 114                         int dav_content_length,
 115                         char *dav_content
 116 ) {
 117         struct httprequest *rptr;
 118         char dav_method[SIZ];
 119         char dav_pathname[SIZ];
 120         char dav_ifmatch[SIZ];
 121         int i;
 122
 123         strcpy(dav_method, "");
 124         strcpy(dav_pathname, "");
 125         strcpy(dav_ifmatch, "");
 126
 127         for (rptr=req; rptr!=NULL; rptr=rptr->next) {
 128                 /* lprintf(9, "< %s\n", rptr->line); */
 129                 if (!strncasecmp(rptr->line, "Host: ", 6)) {
 130                         safestrncpy(WC->http_host, &rptr->line[6],
 131                                 sizeof WC->http_host);
 132                 }
 133                 if (!strncasecmp(rptr->line, "If-Match: ", 10)) {
 134                         safestrncpy(dav_ifmatch, &rptr->line[10],
 135                                 sizeof dav_ifmatch);
 136                 }
 137         }
 138
 139         if (!WC->logged_in) {
 140                 wprintf("HTTP/1.1 401 Unauthorized\r\n");
 141                 groupdav_common_headers();
 142                 wprintf("WWW-Authenticate: Basic realm=\"%s\"\r\n",
 143                         serv_info.serv_humannode);
 144                 wprintf("Content-Length: 0\r\n\r\n");
 145                 return;
 146         }
 147
 148         extract_token(dav_method, req->line, 0, ' ');
 149         extract_token(dav_pathname, req->line, 1, ' ');
 150         unescape_input(dav_pathname);
 151
 152         /*
 153          * If there's an If-Match: header, strip out the quotes if present, and
 154          * then if all that's left is an asterisk, make it go away entirely.
 155          */
 156         if (strlen(dav_ifmatch) > 0) {
 157                 striplt(dav_ifmatch);
 158                 if (dav_ifmatch[0] == '\"') {
 159                         strcpy(dav_ifmatch, &dav_ifmatch[1]);
 160                         for (i=0; i<strlen(dav_ifmatch); ++i) {
 161                                 if (dav_ifmatch[i] == '\"') {
 162                                         dav_ifmatch[i] = 0;
 163                                 }
 164                         }
 165                 }
 166                 if (!strcmp(dav_ifmatch, "*")) {
 167                         strcpy(dav_ifmatch, "");
 168                 }
 169         }
 170
 171         /*
 172          * The PROPFIND method is basically used to list all objects in a
 173          * room, or to list all relevant rooms on the server.
 174          */
 175         if (!strcasecmp(dav_method, "PROPFIND")) {
 176                 groupdav_propfind(dav_pathname);
 177                 return;
 178         }
 179
 180         /*
 181          * The GET method is used for fetching individual items.
 182          */
 183         if (!strcasecmp(dav_method, "GET")) {
 184                 groupdav_get(dav_pathname);
 185                 return;
 186         }
 187
 188         /*
 189          * The PUT method is used to add or modify items.
 190          */
 191         if (!strcasecmp(dav_method, "PUT")) {
 192                 groupdav_put(dav_pathname, dav_ifmatch,
 193                                 dav_content_type, dav_content);
 194                 return;
 195         }
 196
 197         /*
 198          * The DELETE method kills, maims, and destroys.
 199          */
 200         if (!strcasecmp(dav_method, "DELETE")) {
 201                 groupdav_delete(dav_pathname, dav_ifmatch);
 202                 return;
 203         }
 204
 205         /*
 206          * Couldn't find what we were looking for.  Die in a car fire.
 207          */
 208         wprintf("HTTP/1.1 501 Method not implemented\r\n");
 209         groupdav_common_headers();
 210         wprintf("Content-Type: text/plain\r\n"
 211                 "\r\n"
 212                 "GroupDAV method \"%s\" is not implemented.\r\n",
 213                 dav_method
 214         );
 215 }